On 10/17/2018 02:43 AM, Erik Auerswald wrote:
Linux may do that... ...especially if the NICs are in different broadcast domains (VLANs).
I was thinking that it would happen if the NICs were in the /same/ broadcast domain. I.e. NIC1 heard saw an ARP for NIC3's IP before NIC3 saw it. Thus NIC1 and NIC3 (and likely the others) were in the same broadcast domain.
I can't think of another reason why NICs would see ARP requests for IPs bound to other NICs if they weren't in a common broadcast domain. - Sure there are other things, but that would usually involve issues on the sending side or magic smoke in the middle.
I am not saying that is the case here, just that it might be the case.
If the NICs are connected to a common broadcast domain, then I think chances are good that it's the "weak host model" problem.
That would be an instance of the "weak host model" problem (see RFC 1122, section 3.3.4.2, "Weak ES Model"). The problem is primarily that some expectations about network separation are not fulfilled by the end-system.
(I need to brush up on RFC 1122 § 3.3.4.2. Thank you for the reference point.)
I don't know that it's that end systems don't / can't fulfill the network separation. I think that Linux can be configured to (better) fulfill it via Kernel tunables and / or a combination of ARPTables / IPTables.
I recently read that IPs are supposed to belong to hosts, not individual NICs there on, in TCP/IP Illustrated - Volume 1 - Second Edition. This jives with what I've commonly experienced.
I think part of the problem is a disconnect in what people expect and what TCP/IP specifications state.
-- Grant. . . . unix || die
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
